Back to CVE Browser

CVE-2005-4575

MEDIUM

5.0

CVSS Severity Score

EPSS Score0.0990%

EPSS Percentile24.16th

PublishedDec 29, 2005

Last ModifiedApr 16, 2026

Vulnerability Description

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg parameter to loader.cfm with a url parameter set to email-login-info.cfm, which leaks the full pathname in the resulting error message.

Affected Platforms (CPE)

📦

Paperthin

Commonspot Content Server

<= 4.5

📦

Paperthin

Commonspot Content Server

= 2.5

📦

Paperthin

Commonspot Content Server

= 3.0

📦

Paperthin

Commonspot Content Server

= 3.2

📦

Paperthin

Commonspot Content Server

= 4.0

References & Advisories

🔗 http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html

🔗 http://secunia.com/advisories/18257

🔗 http://www.osvdb.org/21932

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/23865

🔗 http://pridels0.blogspot.com/2005/12/commonspot-content-server-vuln.html

🔗 http://secunia.com/advisories/18257

🔗 http://www.osvdb.org/21932

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/23865

Related Vulnerabilities

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2005-266910.0

Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote at...

CVE-2005-063510.0

Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.